Norton Returns: Malware and Anti-Malware on the Mac

Malware still isn't much of a problem on the Mac, but is security software a good idea for Mac users? Symantec thinks it is, and it's not for nothing that they're re-entering the market.

There's been some talk lately about malware on the Mac and whether users need anti-malware software.
Clearly the situation is nothing like on Windows where going on the
Internet without an anti-malware program is like taking a walk out on
the Interstate; the question isn't if you'll get hit, but when.
There definitely is malware on the Mac and some users do get
attacked by it, but in all likelihood the numbers are small. It's odd,
since there's no technical difference between the Mac and Windows that
would make the Mac more resistant to malware; malware writers just
don't bother with the Mac. But one day that could change.

Symantec will try to convince users they need protection by releasing a new Norton Internet Security for Mac.
It's a lot more than just anti-virus; even if you scoff at the notion
of anti-virus for the Mac you must admit that Mac users are subjected
to spam, phishing, network attacks, and other threats, and NIS for the
Mac protects against these. The presentation I got focused more on the
firewall than anything else. They're quite proud of the firewall, which
they think is the best for the Mac.

There's another cool feature which would appeal to me as a Mac user who ran Windows in a VM: Norton Internet Security for Mac Dual Protection also includes a license for NIS for Windows to run in those VMs for only $10/year more. That's a smart product to offer.
What if some of the more talented Windows malware rackets decided to
try to squeeze out some extra action by targeting the Mac? Almost all
malware on Windows these days gains entry to the system through social
engineering, and I'll assume that Mac users are no less gullible than
Windows users. There are also plenty of ways one could specifically
target Mac users, although I won't go into them here.
Were such a thing to happen it could be smallpox and the Indians all
over again: A large and unprotected population could be devastated
quickly. True, OS X has many safeguards built in, but there are ways
around that, especially if a vulnerability is employed, and there are
lots of vulnerabilities in OS X. One of the ways that vulnerabilities
get contained in the Windows world is that anti-malware companies
spread definitions of known attacks, so that even if you're not
protected against the vulnerability you may be safe from the attack.
This level of protection is absent among Mac users.
So it could happen, but the fact that it hasn't happened after all
these years makes it hard to argue that it's about to happen. I keep
hearing how Mac market share is increasing; I'm not sure it's that
significant a change, but a marked increase in market share would make
the difference to malware authors and they would begin to target it.
Where's that number? 20% 30% Even today's numbers are very large in
absolute terms.
I also don't know how well previous Norton products for the Mac have
gone. I heard good things about the OS 9 generation of them, but the
previous OS X versions were not well-received. The product was last
released in 2003 and it looks as if Symantec had abandoned the Mac,
probably because nobody was buying their software.
Do they know something? Probably not, but they guess, as I just
have, that conditions could be ripe for security software on the Mac to
be more important than it has been in the past. If all goes well, or
badly depending on your point of view, the next step is enterprise Mac
security products.
Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983.For insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzer's blog Cheap Hack

Larry Seltzer has been writing software for and English about computers ever since,much to his own amazement,he graduated from the University of Pennsylvania in 1983.

He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.

For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.

In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.

Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.